You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "Mark Hanson (Jira)" <ji...@apache.org> on 2019/12/30 18:50:10 UTC
[jira] [Closed] (GEODE-6985) Implement RestrictedMethodAuthorizer
[ https://issues.apache.org/jira/browse/GEODE-6985?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mark Hanson closed GEODE-6985.
------------------------------
Transition from Resolved to Closed for Apache Geode 1.11.0 RC4 release.
> Implement RestrictedMethodAuthorizer
> ------------------------------------
>
> Key: GEODE-6985
> URL: https://issues.apache.org/jira/browse/GEODE-6985
> Project: Geode
> Issue Type: New Feature
> Components: querying
> Reporter: Juan Ramos
> Assignee: Juan Ramos
> Priority: Major
> Labels: GeodeCommons
> Fix For: 1.11.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Implement the [RestrictedMethodAuthorizer|https://cwiki.apache.org/confluence/display/GEODE/OQL+Method+Invocation+Security#OQLMethodInvocationSecurity-RestrictedMethodAuthorizer] class.
> * Make sure the class is immutable and thread safe.
> * Add two new public methods to the implementation:
> ** {{isAllowedGeodeMethod}}: it should return {{true}} when the {{Method}} on the target {{Object}} is considered safe ({{Region.get}}, {{Region.entrySet}}, {{Region.keySet}}, {{Region.values}}, {{Region.getEntries}}, {{Region.getValues}}, {{Region.containsKey}}, {{Region.getKey}} and {{Region.getValue}}), and {{false}} otherwise.
> ** {{isKnownDangerousMethod}}: it should return {{true}} when the {{Method}} on the target {{Object}} is known to be a non-safe method. Including but not limited to {{getClass}}, which allows the user to execute anything using reflection.
> * Implement unit tests for the class and all of its methods.
> * Add comprehensive and clear documentation to the class and all its public methods so customers can use it without leaving their IDE.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)